feat: Replace default Go user-agent with oauth2-proxy and version (oa…
…uth2-proxy#2570)

* feat: Replace default Go user-agent with oauth2-proxy and version

* Add to CHANGELOG

* Make userAgentTransport configurable and composable

* Use correct naming convention for DefaultHTTPClient

* Move version to own package and use named arguments

* Update version path in Makefile

* Fix import path in Makefile

* Change importpath in dist.sh

* Minor style issues
middagj authored and jjlakis committed Oct 19, 2024
1 parent 0ef0ae9 commit 06031d4
Showing 11 changed files with 54 additions and 9 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Expand Up @@ -10,6 +10,7 @@

- [#2539](https://github.com/oauth2-proxy/oauth2-proxy/pull/2539) pkg/http: Fix leaky test (@isodude)
- [#4917](https://github.com/oauth2-proxy/oauth2-proxy/pull/4917) Upgraded all modules to the latest version (@pierluigilenoci)
- [#2570](https://github.com/oauth2-proxy/oauth2-proxy/pull/2570) Set default user agent to oauth2-proxy/$version (from default Golang one)

# V7.6.0

2 changes: 1 addition & 1 deletion Makefile
Expand Up @@ -40,7 +40,7 @@ lint: validate-go-version
build: validate-go-version clean $(BINARY)

$(BINARY):
CGO_ENABLED=0 $(GO) build -a -installsuffix cgo -ldflags="-X main.VERSION=${VERSION}" -o $@ github.com/oauth2-proxy/oauth2-proxy/v7
CGO_ENABLED=0 $(GO) build -a -installsuffix cgo -ldflags="-X github.com/oauth2-proxy/oauth2-proxy/v7/pkg/version.VERSION=${VERSION}" -o $@ github.com/oauth2-proxy/oauth2-proxy/v7

DOCKER_BUILD_PLATFORM ?= linux/amd64,linux/arm64,linux/ppc64le,linux/arm/v7
DOCKER_BUILD_RUNTIME_IMAGE ?= gcr.io/distroless/static:nonroot
6 changes: 4 additions & 2 deletions dist.sh
Expand Up @@ -32,10 +32,12 @@ for ARCH in "${ARCHS[@]}"; do
# Create architecture specific binaries
if [[ ${GO_ARCH} == armv* ]]; then
GO_ARM=$(echo $GO_ARCH | awk -Fv '{print $2}')
GO111MODULE=on GOOS=${GO_OS} GOARCH=arm GOARM=${GO_ARM} CGO_ENABLED=0 go build -ldflags="-X main.VERSION=${VERSION}" \
GO111MODULE=on GOOS=${GO_OS} GOARCH=arm GOARM=${GO_ARM} CGO_ENABLED=0 go build \
-ldflags="-X github.com/oauth2-proxy/oauth2-proxy/v7/pkg/version.VERSION=${VERSION}" \
-o release/${BINARY}-${VERSION}.${ARCH}/${BINARY} .
else
GO111MODULE=on GOOS=${GO_OS} GOARCH=${GO_ARCH} CGO_ENABLED=0 go build -ldflags="-X main.VERSION=${VERSION}" \
GO111MODULE=on GOOS=${GO_OS} GOARCH=${GO_ARCH} CGO_ENABLED=0 go build \
-ldflags="-X github.com/oauth2-proxy/oauth2-proxy/v7/pkg/version.VERSION=${VERSION}" \
-o release/${BINARY}-${VERSION}.${ARCH}/${BINARY} .
fi

3 changes: 2 additions & 1 deletion main.go
Expand Up @@ -9,6 +9,7 @@ import (
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/apis/options"
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/logger"
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/validation"
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/version"
"github.com/spf13/pflag"
)

Expand All @@ -28,7 +29,7 @@ func main() {
configFlagSet.Parse(os.Args[1:])

if *showVersion {
fmt.Printf("oauth2-proxy %s (built with %s)\n", VERSION, runtime.Version())
fmt.Printf("oauth2-proxy %s (built with %s)\n", version.VERSION, runtime.Version())
return
}

3 changes: 2 additions & 1 deletion oauthproxy.go
Expand Up @@ -30,6 +30,7 @@ import (
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/encryption"
proxyhttp "github.com/oauth2-proxy/oauth2-proxy/v7/pkg/http"
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/util"
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/version"

"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/ip"
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/logger"
Expand Down Expand Up @@ -142,7 +143,7 @@ func NewOAuthProxy(opts *options.Options, validator func(string) bool) (*OAuthPr
CustomLogo: opts.Templates.CustomLogo,
ProxyPrefix: opts.ProxyPrefix,
Footer: opts.Templates.Footer,
Version: VERSION,
Version: version.VERSION,
Debug: opts.Templates.Debug,
ProviderName: buildProviderName(provider, opts.Providers[0].Name),
SignInMessage: buildSignInMessage(opts),
2 changes: 2 additions & 0 deletions pkg/providers/oidc/provider_verifier.go
Expand Up @@ -6,6 +6,7 @@ import (
"fmt"

"github.com/coreos/go-oidc/v3/oidc"
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/requests"
k8serrors "k8s.io/apimachinery/pkg/util/errors"
)

Expand Down Expand Up @@ -130,6 +131,7 @@ func getVerifierBuilder(ctx context.Context, opts ProviderVerifierOptions) (veri

// newVerifierBuilder returns a function to create a IDToken verifier from an OIDC config.
func newVerifierBuilder(ctx context.Context, issuerURL, jwksURL string, supportedSigningAlgs []string) verifierBuilder {
ctx = oidc.ClientContext(ctx, requests.DefaultHTTPClient)
keySet := oidc.NewRemoteKeySet(ctx, jwksURL)
return func(oidcConfig *oidc.Config) *oidc.IDTokenVerifier {
if len(supportedSigningAlgs) > 0 {
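Review bot: The added `ctx = oidc.ClientContext(ctx, requests.DefaultHTTPClient)` in `newVerifierBuilder` has no comment, yet it decides which HTTP client fetches the JWKS signing keys, because the same `ctx` is handed to `oidc.NewRemoteKeySet` on the next line. A why-comment such as `// Bind the shared client so JWKS requests carry the oauth2-proxy User-Agent; this replaces any client already attached to ctx.` would make that explicit. The key set presumably keeps this context for later key refreshes, so the choice made here likely outlives the call; that is worth confirming against the go-oidc version in use. The function body continues past the end of the hunk.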
4 changes: 2 additions & 2 deletions pkg/requests/builder.go
Expand Up @@ -58,7 +58,7 @@ func (r *builder) WithMethod(method string) Builder {

// WithHeaders replaces the request header map with the given header map.
func (r *builder) WithHeaders(header http.Header) Builder {
r.header = header
r.header = header.Clone()
return r
}

Expand Down Expand Up @@ -99,7 +99,7 @@ func (r *builder) do() Result {
}
req.Header = r.header

resp, err := http.DefaultClient.Do(req)
resp, err := DefaultHTTPClient.Do(req)
if err != nil {
r.result = &result{err: fmt.Errorf("error performing request: %v", err)}
return r.result
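Review bot: The doc comment on `WithHeaders` still says it "replaces the request header map with the given header map", but the new body stores `header.Clone()`, so later changes the caller makes to its own map no longer reach the request. Suggest `// WithHeaders replaces the request headers with a copy of the given header map.` so the copy semantics are part of the documented contract. In the second hunk `do()` begins and ends outside the visible lines, so only the switch to `DefaultHTTPClient.Do(req)` can be reviewed here.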
4 changes: 3 additions & 1 deletion pkg/requests/builder_test.go
Expand Up @@ -8,6 +8,8 @@ import (
"fmt"
"net/http"

"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/version"

"github.com/bitly/go-simplejson"
. "github.com/onsi/ginkgo"
. "github.com/onsi/gomega"
Expand All @@ -19,7 +21,7 @@ var _ = Describe("Builder suite", func() {

baseHeaders := http.Header{
"Accept-Encoding": []string{"gzip"},
"User-Agent": []string{"Go-http-client/1.1"},
"User-Agent": []string{"oauth2-proxy/" + version.VERSION},
}

BeforeEach(func() {
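--- a/pkg/requests/http.go
+++ b/pkg/requests/http.go
@@ -0,0 +1,29 @@
+package requests
+
+import (
+"net/http"
+
+"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/version"
+)
+
+type userAgentTransport struct {
+next http.RoundTripper
+userAgent string
+}
+
+func (t *userAgentTransport) RoundTrip(req *http.Request) (*http.Response, error) {
+r := req.Clone(req.Context())
+setDefaultUserAgent(r.Header, t.userAgent)
+return t.next.RoundTrip(r)
+}
+
+var DefaultHTTPClient = &http.Client{Transport: &userAgentTransport{
+next: http.DefaultTransport,
+userAgent: "oauth2-proxy/" + version.VERSION,
+}}
+
+func setDefaultUserAgent(header http.Header, userAgent string) {
+if header != nil && len(header.Values("User-Agent")) == 0 {
+header.Set("User-Agent", userAgent)
+}
+}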
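Review bot: `DefaultHTTPClient` is built without a `Timeout`, and after this commit it carries the token exchange, the JWKS fetches and every `builder.do()` call, so a stalled identity provider can hold those requests open unless each caller's context has a deadline. That matches the old `http.DefaultClient` behaviour, but this literal is now the single place to bound it, for example `Timeout: 30 * time.Second,` (a constructed value, to be tuned), or a comment stating that callers must supply a context deadline. The exported variable also has no doc comment; `// DefaultHTTPClient is the shared client for outbound requests; it sets User-Agent to oauth2-proxy/<version> when the request has none.` would cover it. `next` is captured from `http.DefaultTransport` at package initialisation, so it presumably sees in-place TLS changes to that transport but not a later reassignment of the variable.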
2 changes: 1 addition & 1 deletion version.go → pkg/version/version.go
@@ -1,4 +1,4 @@
package main
package version

// VERSION contains version information
var VERSION = "undefined"
7 changes: 7 additions & 0 deletions providers/oidc.go
Expand Up @@ -7,9 +7,11 @@ import (
"net/url"
"time"

"github.com/coreos/go-oidc/v3/oidc"
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/apis/options"
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/apis/sessions"
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/logger"
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/requests"
"golang.org/x/oauth2"
)

Expand Down Expand Up @@ -83,6 +85,8 @@ func (p *OIDCProvider) Redeem(ctx context.Context, redirectURL, code, codeVerifi
},
RedirectURL: redirectURL,
}

ctx = oidc.ClientContext(ctx, requests.DefaultHTTPClient)
token, err := c.Exchange(ctx, code, opts...)
if err != nil {
return nil, fmt.Errorf("token exchange failed: %v", err)
Expand All @@ -103,6 +107,7 @@ func (p *OIDCProvider) EnrichSession(_ context.Context, s *sessions.SessionState

// ValidateSession checks that the session's IDToken is still valid
func (p *OIDCProvider) ValidateSession(ctx context.Context, s *sessions.SessionState) bool {
ctx = oidc.ClientContext(ctx, requests.DefaultHTTPClient)
_, err := p.Verifier.Verify(ctx, s.IDToken)
if err != nil {
logger.Errorf("id_token verification failed: %v", err)
Expand All @@ -127,6 +132,7 @@ func (p *OIDCProvider) RefreshSession(ctx context.Context, s *sessions.SessionSt
return false, nil
}

ctx = oidc.ClientContext(ctx, requests.DefaultHTTPClient)
err := p.redeemRefreshToken(ctx, s)
if err != nil {
return false, fmt.Errorf("unable to redeem refresh token: %v", err)
Expand Down Expand Up @@ -185,6 +191,7 @@ func (p *OIDCProvider) redeemRefreshToken(ctx context.Context, s *sessions.Sessi

// CreateSessionFromToken converts Bearer IDTokens into sessions
func (p *OIDCProvider) CreateSessionFromToken(ctx context.Context, token string) (*sessions.SessionState, error) {
ctx = oidc.ClientContext(ctx, requests.DefaultHTTPClient)
idToken, err := p.Verifier.Verify(ctx, token)
if err != nil {
return nil, err
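Review bot: The line `ctx = oidc.ClientContext(ctx, requests.DefaultHTTPClient)` is pasted into `Redeem`, `ValidateSession`, `RefreshSession` and `CreateSessionFromToken`, and each copy unconditionally replaces whatever client the caller may have attached to `ctx`. A small unexported helper with one comment would keep the four call sites in step, e.g. `func withDefaultClient(ctx context.Context) context.Context { return oidc.ClientContext(ctx, requests.DefaultHTTPClient) }`. In `ValidateSession` and `CreateSessionFromToken` the wrap may have no effect if the verifier's key set fetches keys with the context it was created with; that is inferred from the `newVerifierBuilder` change and is not visible in these hunks. All four function bodies extend beyond their hunks.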